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MODULAR ENTERTAINMENT AND GAMING SYSTEMS 

BACKGROUND OF THE INVENTION 

1. Cross-Reference To Related Applications 

This application is related to co-pending and commonly assigned application 
10/120,647 filed on April 10, 2002, attorney reference CYBS5804 entitled "Modular 
Entertainment and Gaming System Configured For Network Boot, Network Application 
Load and Selective Network Computation Farming", co-pending and commonly assigned 
application 10/120,635 filed on April 10, 2002, attorney reference CYBS505 entitled 
"Modular Entertainment And Gaming Systems Configured To Consume and Provide 
Network Services" and co-pending and commonly assigned application 10/120,668 filed 
on April 10, 2002 and attorney reference CYBS5806 entitled "Modular Entertainment 
And Gaming Systems Configured for Processing Raw Biometric Data and Multimedia 
Response by a Remote Server", the disclosures of each being incorporated herewith by 
reference. 

2. Field of the Invention 

This invention relates generally to the field of pay computer-controlled games and 
entertainment devices, including both games of skills and games of chance. More 
particularly, the present invention relates the field of methods, systems and devices for 
the automated monitoring and control of a large number of clusters of such pay gaming 
and entertainment devices. 

3. Description of the Related Art 

Conventional pay entertainment and gaming systems, either of the cash or the 
cash-less type, are seriously limited due to the technical choices that are typically made to 
comply with regulatory requirements. Indeed, regulators are mainly concerned with 
fraud, cheating and stealing, as may occur when legitimate winners are deprived of their 
just winnings or when illegitimate users receive illegitimate winnings. Because of these 
security concerns, regulators are reluctant to approve licenses for state-of-the-art "open" 
multimedia and Internet technologies, opting instead for known but antiquated 



WO 03/045517 



PCT/US02/37537 



2 

technology. 

However, the security of such antiquated technology (i.e., technology developed 
prior to the present advanced multimedia and Internet age) is mostly illusory. Such 
conventional technologies are only perceived as being more stable and secure because 
their flaws are not widely publicized. Computer technology being extremely complex, 
there are always latent imperfections and flaws, which may be exploited by the ill 
intentioned. This is even truer with antiquated technology, as hacker-crackers have now 
access to considerable information on software weaknesses as well as sophisticated 
attack strategies and tools that they may apply to older software. 

Legacy entertainment and gaming systems that are authorized for use in public 

places are usually aggregates of old technologies bundled together with some PC 

hardware featuring basic fault tolerance, basic data integrity and add-hoc security means, 
■ 

together with some LAN networking functionality to enable some primitive centralized 
auditing. Although some advanced security means have been proposed (such as 
disclosed in, for example WO 01/41892) that promote off-line gaming security using 
smart cards, this approach in fact exposes the system to latent unidentified security 
threats that hacker-crackers or employees will likely eventually exploit. Off-line or semi- 
on-line systems are totally in the hands of very few people. In short, these systems 
operate essentially with little means for detecting under-the-radar fraud (to push the . 
analogy farther, finer-grained and smarter radar means would be uneconomical for casino 
and gaming operators to implement). 

In contrast, lottery and pari-mutual wager systems have evolved to modern fully 
on-line very-high-capacity mission-critical systems tunneling billions of dollars annually 
while offering significantly greater security means than the security afforded by banks. 
Since these organizations have come on-line, lawsuits resulting from complaints, flaws 
and fraud, including internal fraud by employees, have virtually disappeared. However, 
although pay entertainment and gaming machines based on secure Internet web browser 
and cash-less payment technology are ideal centralized candidate solutions to equip 
casinos and like sites, these may rapidly kill the traditional gaming support industry. 

The entertainment and gaming systems lag behind state-of-the-art multimedia PC, 
gaming console, wireless and interactive TV technologies; consequently these systems 
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are ill prepared to attract the younger player generation accustomed to flashy and 
networked games. 

SUMMARY OF THE INVENTION 

It is therefore an object of this invention to provide an architecture that 
overcomes the technical lag, security limitations and lack of stability of the prior art. It is 
a further object of this invention to provide an architecture that overcomes rapid 
obsolescence of technology. It is yet another object of this invention to provide a flexible 
architecture that may more easily accommodate the variety of specific regulatory 
requirements encountered around the world. It is a still further object of this invention to 
provide specific function peripheral devices with means of secure identification and 
secure network communication. 

According to an embodiment thereof, the present invention is a gaming system, 
including a communication network; at least one gaming machine coupled to the 
communication network, the at least one gaming machine including at least one 
specialized device coupled to the communication network; at least one central server, the 
at least one specialized device being configured to offer direct asynchronous notification 
of events to the at least one central server over the communication network. 

The gaming machine may be a cashless gaming machine, a cash gaming machine 
or an entertainment machine. The specialized device may include one or more player 
identification devices and/or one or more devices configured to handle payments to and 
from a player. The central server may be an automatic and unattended payment 
verification unit. The specialized devices may include a random number generator. The 
communication network may be wireless and the gaming machine may be portable 
and/or mobile. The specialized devices may communicate with the central server using 
an IP protocol, a secure protocol, a secure IP protocol, a VPN tunneling protocol, the 
Kerberos protocol and/or a SSL protocol, for example. The gaming system may further 
include a Certificate Authority and communications from the plurality of specialized 
devices to the central server may be authenticated by the Certificate Authority. The 
gaming system may further include high-level software modules and the plurality of 
specialized devices may be controlled by the high-level software modules. The high- 
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level software modules may be located in each of the gaming machines. The high-level 
software modules may be located in each of the central servers. 

According to another embodiment, the present invention is a gaming system 
including a communication network; at least one payment verification unit coupled to the 
communication network, the payment verification unit including a plurality of 
specialized devices; at least one central server, the central server being configured to 
communicate with the plurality of specialized devices. 

The payment verification unit may include an automatic and unattended payment 
verification unit. The gaming system may further include at least one gaming machine 
coupled to the communication network, the gaming machine including a plurality of 
specialized devices that may be controlled by the payment verification unit. The 
specialized devices may be controlled by the payment verification unit. The specialized 
devices may be controlled by the central server. The communication network may be 
wireless. At least one of the plurality of specialized devices may be configured to handle 
payments to and from a player. At least one of the plurality of specialized devices may 
be configured to identify players. The specialized device may include a random number 
generator. The specialized device may communicate with the central server using one of 
an IP protocol, a secure protocol, a secure IP protocol, a VPN tunneling protocol, the 
Kerberos protocol or a SSL protocol, for example. The gaming system may further 
include a Certificate Authority and communications from the specialized device to the 
central server may be authenticated by the Certificate Authority. The gaming system 
may further include high-level software modules and the specialized device may be 
controlled by the high-level software modules. The high-level software modules may be 
located in the payment verification unit and/or the central server(s). 

The present invention is also a system for controlling gaming machines, including 
a communication network; at least one gaming machine coupled to the communication 
network, the at least one gaming machine including at least one specialized device 
coupled to the communication network; at least one payment verification unit, the 
specialized device(s) being configured to offer direct asynchronous notification of events 
to the payment verification unit(s) over the communication network. 

The gaming machine may include at least one of a cashless gaming machine, a 
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cash gaming machine and an entertainment machine. The payment verification unit may 
be an automatic and unattended payment verification unit. The specialized device(s) may 
be controlled by the payment verification unit. The specialized device(s) may include at 
least one player payment device. The specialized device(s) may include at least one 
player identification device. The specialized device(s) may include at least one random 
number generator. 

The present invention is also a system for controlling gaming machines, including 
at least one gaming machine including a first random number generator; at least one 
central server including a second random number generator and a communication 
network linking the gaming machine and the central server. The gaming machine may be 
configured to selectively obtain random numbers from the first or the second random 
number generator. 

The system may further include at least one payment verification unit coupled to 
the network. The payment verification unit may include a third random number 
generator, and the gaming machine may be configured to selectively obtain random 
numbers from the first, second or third random number generators. 

The present invention, according to another embodiment thereof is a system for 
controlling gaming machines, including at least one gaming machine including a first 
random number generator; at least one payment verification unit including a second 
random number generator and a communication network linking the gaming machine 
and the payment verification unit. The gaming machine may be configured to selectively 
obtain random numbers from either the first random number generator or the second 
random number generator. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 is a diagram of a gaming system in accordance with an embodiment of 
the present invention. 

Figure 2 is a diagram of an exemplary cash gaming machine in accordance with 
an embodiment of the present invention. 

Figure 3 is a diagram of an exemplary cash-less gaming machine in accordance 
with an embodiment of the present invention. 
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Figure 4 is a diagram of an exemplary entertainment machine in accordance with 
an embodiment of the present invention. 

Figure 5 is a diagram an exemplary PVU (Payment Verification Unit) in 
accordance with an embodiment of the present invention. 

Figure 6 is a diagram of an exemplary compact PVU in accordance with an 
embodiment of the present invention. 

Figure 7 is a diagram depicting an exemplary Automatic PVU (APVU) or "Smart 
Cashier" in accordance with an embodiment of the present invention. 

Figure 8 is a diagram depicting a tightly coupled configuration of a gaming 
machine in accordance with an embodiment of the present invention. 

Figure 9 is a diagram depicting a modular software architecture of a gaming 
machine in accordance with an embodiment of the present invention. 

Figure 10 is a diagram depicting a loosely coupled software configuration of a 
gaming machine in accordance with an embodiment of the present invention. 

Figure 1 1 is a diagram depicting a virtual configuration of the software 
architecture of a gaming machine in accordance with an embodiment of the present 
invention. 

Figure 12 is a diagram depicting an extended virtual configuration of the software 
architecture of a gaming machine in accordance with an embodiment of the present 
invention. 

Figure 13 is a diagram depicting a number of Internet ready specialized devices 
coupled to an APVU, according to an embodiment of the present invention. 

Figure 14 is a diagram depicting partial processing by central server(s) 1 12 in 
accordance with an embodiment of the present invention. 

Figure 15 is a diagram depicting a central server system, according to an 
embodiment of the present invention. 

Figure 16 is a diagram depicting processing of gaming machine functions by PCs 
within a central server system, in accordance with an embodiment of the present 
invention. 

Figure 17 is a diagram depicting each remote gaming machine connected to an 
individual PC or computer server located within a central server system 1 12, in 
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accordance with an embodiment of the present invention. 

Figure 1 8 is a diagram depicting a central server system that includes a server 
farm for performing operating system and applications boot to the individual PCs of a 
central server from a central storage facility, in accordance with an embodiment of the 
present invention. 

Figure 19 is a diagram depicting a simplified Plug and Play protocol, in 
accordance with an embodiment of the present invention. 

Figure 20 is a diagram depicting asynchronous notification of events, in 
accordance with an embodiment of the present invention. 

DETAILED DESCRIPTION OF THE INVENTION 

Reference will now be made in detail to the construction and operation of 
preferred implementations of the present invention illustrated in the accompanying 
drawings. The following description of the preferred implementations of the present 
invention is only exemplary of the invention. The present invention is not limited to 
these implementations, but may be realized by other implementations. 

Figure 1 illustrates a gaming system 100 according to an embodiment of the 
present invention. The system 100 may include a plurality of gaming machines 200, 300; 
one or a plurality of gaming machines clusters 106 located in the same site or in 
geographically dispersed locations; a plurality of Payment Verification Units 500 
(hereafter, "PVU"), at least one such PVU 500 being associated with each gaming 
machines cluster 106, and one or more central server(s) 1 12. Instead of or in addition to 
the PVU 500, a compact PVU 600 (Fig. 6) and/or an automated PVU or APVU 700 may 
be associated with individual gaming machines 200, 300 and/or cluster(s) 106. The 
clustering of gaming machines may be carried out according to geographicaLlocation, 
type of gaming machine, regulatory requirements, type of application and/or any criteria 
for grouping the gaming machines in a physical or logical cluster 106. The gaming 
machines 200, 300, PVUs 500, 600 or 700 and central server(s) 1 12 are networked 
together within a wide area network 102 (which may include, for example, the Internet). 

The gaming system 100 may further include one or a plurality of entertainment 
machines. Alternatively, the entertainment machines 400 may be substituted for all or 
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some of the gaming machines 200, 300. Within the context of the present invention, 
gaming machines 200, 300 include machines that enable the player to plays games of 
chance while entertainment machines 400 include machines that enable the player to play 
games of skill, to watch entertainment materials or to even participate in interactive 
entertainment sessions with groups of players or other individual players. Monetary 
payouts from games of skills and entertainment machines 400 are usually illegal and 
prizes may commonly be awarded in the form of longer play sessions or ranking into a 
higher skill level. 

Central server(s) 1 12 may be located on the same premises as the gaming 
machines 200, 300, entertainment machines 400 and PVUs 500, 600, 700 or elsewhere. 
A plurality of servers 1 12 may be used in various configurations. For example, the 
server(s) 1 12 may be located on same premises for fault tolerance backup, located on 
different premises for disaster tolerance backup, located on same or different premises 
for load balancing and/or configured in a hierarchical structure, whereby a hierarchically- 
higher server 112 provides consolidated services for one or a plurality of hierarchically- 
lower servers 112. 

Figure 2 illustrates a gaming and identification verification machine 200 that 
accepts and redeems cash. It is to be understood that the gaming machine 200 is but one 
possible implementation of such gaming machines and that the present invention is not 
limited thereto. Indeed, the system 100 may include any mix of any gaming and/or 
entertainment machines of most any kind. The gaming and identification verification 
machine 200 may include a display 202, a coin acceptor 204, a banknote acceptor 206, a 
coin hopper 210, a gaming machine identification (hereafter, "ID") device 212 and a 
plurality of user interaction means 208, which may include buttons, trackballs and/or 
joysticks, for example. The gaming machine ID device 212 is commonly used for 
identifying players that subscribe to a loyalty program to benefit from advantages and 
promotions offered by the gaming operator. Figure 3 illustrates an exemplary cash-less 
gaming machine 300 that does not accept or redeem cash. It is to be understood that the 
gaming machine 300 is but one possible implementation of such a cashless gaming 
machine and that the present invention is not limited thereto. For cash-less operation, a 
gaming device ED device(s) 304, 306 is/are necessary. The gaming machine ID device 
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304, 306 may include a magnetic card reader, a SmartCard reader and writer, a barcode 
reader, a ticket printer, a biometric reader, a touch-screen, keyboard or keypad to enable 
players to enter a PIN (Personal Identification Number) and/or a "Pay" button. The 
gaming machine identification device 304, 306 may further include an ID token reader to 

5 read other forms of advanced ID devices such as ID buttons, ID key-chains (such as 

disclosed, for example in commonly assigned US design patent entitled "Personal 
Communicator and Secure ID Device" patent number D441 ,765 issued on May 8, 2001) 
as well as secure communication means for securely communicating with, for example, 
personal wallets, hand held PCs or computer wrist-watch via infra red, magnetic field, 

10 capacitive charges or RF (Bluetooth, IEEE 802. 1 1 , etc.) for player identification 

purposes. According to one embodiment of the present invention, a player initially 
establishes a player account with the central server(s) 1 1 2 and receives a player ID card 
or ID token bearing the player's account number and other relevant information. 
Alternatively, gaming machine 200, 300, may include a printer 314 (Fig. 3) to provide 

15 the player with a printed ticket 312 including a human and/or a machine-readable ID 

code. Alternatively, the printed ticket 312 may be provided by the PVU 500, 600 or 700 
and read by the gaming machine 200, 300 via a ticket reader 3 1 6. Alternatively still, the 
player may register a biometric feature such as fingerprint, voiceprint and/or face print, 
and a PIN to be entered whenever confirmation of identity is required. All of these ID 

20 devices may allow the player to remain anonymous; in that case, the player's personal 

information is not requested and the assigned or chosen ID is associated with a numbered 
account instead of a personal account. Wager debits and prize credits are controlled by 
the central server(s) 1 12. Players may redeem any account balance by pressing the "Pay 
Button" (which may halt the current gaming session) and by claiming the funds from a 

25 cashier that is connected with the central server(s) 1 12. A machine coded (e.g., bar 

coded) printed ticket 312 may be generated by the gaming machine 200, 300 as 
additional means for claiming the funds or to begin a new game session on another 
gaming machine 200, 300 by causing the ticket reader 316 of the other gaming machine 
200, 300 to scan the machine code on the printed ticket 312. 

30 Electronic purses such as those based on the SmartCard technologies may also be 

used, either in on-line or off-line modes, although off-line operation is to be avoided to 
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preclude latent and under-the-radar fraud, especially from inside employees. 

Figure 4 illustrates a cash-less entertainment machine 400 including the following 
identification and payment means: a magnetic card reader or a SmartCard reader/writer 
404, a ticket printer 412 for printing a ticket 410, a touch-screen 402 (and/or a keyboard 
or keypad) to enter a Personal Identification Number "PIN" and one or more buttons 406, 
408, at least one of which may be a "Pay" button. It is to be understood that the gaming 
machine 400 shown in Fig. 4 is but one possible implementation of such an 
entertainment machine and that the present invention is not limited thereto. The 
entertainment gaming machine 400 may further include a biometric reader such as voice 
recognition (for example), to enable media-less identification means. The entertainment 
machine 400 may be configured for cash-less and/or for cash payment. Such 
entertainment machines 400 may have more than one screen, may allow for 3D, 360- 
degree vision and/or immersive vision, may include advanced interactive controls, force 
feed-back, motion feed-back, motion control, immersive sound and/or any technology 
that enhances the player's entertainment sensory experiences. 

Moreover, the entertainment machines 400 and/or gaming machines 200, 300 
may further include a video camera to allow for face-to-face action, face ID recognition, 
creation of avatars (movable three-dimensional images that may be used to represent a 
person or part thereof - such as a head - in cyberspace) and the like. Incorporating 
functionality for identifying players based upon a recognition of their facial features in 
the entertainment machines 400 and/or the gaming machines 200, 300 would allow any 
pre-registered person to be immediately greeted and his or her account retrieved as soon 
as 'he or she stands by the entertainment machine 400 and/or the gaming machine 200, 
300. Alternatively still, entertainment machines 400 may enable the player to participate 
in a game of chance while offering the player a superb multimedia and sensorial 
experience. 

Because of the technical similarities and potential functional overlap between 
gaming machines 200, 300 and entertainment machines 400, the term "gaming machine", 
as used herein below will collectively refer to both gaming machines 200, 300 and 
entertainment machines 400 and/or any variant or combinations thereof. 

Figure 5 illustrates a payment verification unit or PVU 500, according to an 
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embodiment of the present invention. The PVU may include a computer 502 connected 
to the network 102 with the gaming machines and/or the central server(s) 1 12 and a 
ticket printer 504. The ticket printer 504 may include an integrated printer for printing 
tickets or receipts 506 that include a human and/or machine readable code imprinted 
thereon and code reader 508 for reading the code(s) imprinted on the ticket 506. The 
PVU 500 may also include, for example, a magnetic card reader 5 10, a SmartCard reader 
512, a biometric reader 514 (such as a fingerprint reader, for example), a display 520 and 
input devices such as a keyboard 518 and/or a mouse 516. 

When a player wishes to redeem the credit available in his or her account, the 
player may consult a nearby cashier equipped with a PVU 500 who may identify the 
players account using one of the ID media provided by the player, query the central 
server(s) 1 12 for payment authorization, and proceed with payment. When processing 
the payment authorization, smart pattern analysis software may be used to detect possible 
fraud resulting from counterfeiting whereby (for example) the player would deposit some 
cash funds for credit to his or her account, play very small wager amounts then claim the 
totality of the balance at another cashier. In that case, there is a high probability that the 
coins or notes remitted by the player may be counterfeits or originate from suspicious 
origin. The PVU 500 may also be used for crediting the player's account when the player 
remits cash to play on one of the cash-less gaming machines. 

Figure 6 illustrates a compact version of the PVU 500, according to another 
embodiment of the present invention. The PVU 600 may include an enclosure 602, a 
data display 616 (which may include a touch screen), a magnetic card 606, a smart card 
reader 608, a printed ticket exit 612 through which a printer (internally mounted, not 
shown) dispenses printed tickets or receipts, an optical reader 610 and/or a speaker 604, 
for example. The optical reader 610 may include a barcode reader or most any machine 
vision system. The printer and the optical reader 6 1 0 may draw, for example, from 
aspects of the printers and scanners disclosed in commonly assigned and co-pending US 
patent applications serial number 09/441,040 filed on Nov. 16, 1999 entitled "Compact 
Configurable Scanning Terminal" and/or serial number 09/782,839 filed on February 14, 
2001 and entitled "Compact Document Scanner with Branding", the disclosure of each is 
incorporated herein in its entirety. 
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Figure 7 illustrates an embodiment of an automated PVU or APVU 700, which 
dispenses with the need for a human cashier. The APVU 700 may include an internal 
computer connected to the network 102 with the gaming machines and/or the central 
server(s) 1 12, a coin acceptor 722, a note acceptor 720, a coin dispenser/hopper 718, a 
SmartCard or magnetic card dispenser 704, a note dispenser 714, a ticket printer 710 for 
printing a ticket 712, a magnetic card reader 702, a SmartCard reader/writer 706, a 
barcode reader 708, display with touch-screen 726, a keypad 724, a video camera 728 
and/or a UL 291 certified cash safe 716, for example. The UL 291 certified cash safe 
716 prevents robbery of the cash stored inside the APVU 700. The APVU 700 may 
further include biometric ID readers, ID token readers to read other forms of advanced ID 
devices such as ID buttons, ID key-chains, etc. as well as secure communications means 
for communicating with personal wallets, hand held PCs or computer wrist-watch via 
infra red, magnetic field, capacitive charges or RF (Bluetooth, IEEE 802.1 1, etc.) for 
identification purposes. 

When a player wishes to redeem the credit available in his or her account, the 
player may consult a nearby APVU 700 or "smart-cashier" who will identify the player's 
account using one of the ID media provided by the player, query the central server(s) 112 
for payment authorization, then proceed with cash payment via the coin hopper 718 and 
note dispenser 714, for example. When processing the payment authorization, smart 
pattern analysis software may be used to detect possible fraud. The APVU 700 may also 
allow the player to credit directly his or her account by remitting cash via the note 
acceptor 720, the coin acceptor 722 or alternatively via Electronic Fund Transfer ("EFT") 
with his or her bank account, to play one of the gaming machines. Any of the ID media 
may be used to allow the player to play on any of the gaming machines connected to the 
network 102. 

Figure 8 illustrates a typical tightly coupled configuration that may be used with 
the present gaming machines. The gaming machine main processing platform maybe 
built on a PC or equivalent hardware platform 801 that communicates with the central 
server(s) 1 12 and the PVU 500, 600, 700 via a network link. In addition to the PC 
platform, operating system, low level software, power supply, the main enclosure and 
any physical intrusion security, a gaming machine according to the present invention may 
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include payment and identification devices, high-level application software modules, 
network communication means for enabling the gaming machine to exchange data with 
external devices (such as the central server(s) 1 12 and the PVU 500, 600, 700). The 
present gaming machine may also include an internal true RNG 808 (Random Number 
5 Generator) or means for receiving random combinations via the network 102 from 

external devices. 

A hardware RNG is extremely desirable in order to ensure maximum entropy of 
encryption of the secret keys such that the encrypted keys are formed of true random bits, 
thereby rendering a brute force attack thereon to its maximum theoretical level of 

10 difficulty. An embedded true RNG based on diode noise, for example, enables 

systematic use of the highest encryption strength for the encryption algorithms and key 
length allowed by government. Flaws in RNGs and badly chosen encryption keys are 
responsible for highly publicized cracked systems. Although 128-bit encryption such as 
RS A, 3DES, etc. requires a considerable theoretical computer power to crack, a badly 

15 chosen encryption key may result in the secret keys being cracked within hours. There is 

a need to provide the gaming machines and external sources of random numbers coupled 
to the present gaming machines with almost "Military Defense Class" security. Virtual 
private Networks (VPNs), Secure Socket layer (SSL) and other secure communication 
protocols that rely on locally generated encryption keys are solutions that are widely 

20 available today. The resilience of such encryption protocols to attack depend on the 

quality of the encryption keys or their maximum entropy, such as discussed in Schneider, 
Secrets and Lies: Digital Security in a Networked World. Wilev& Sons, Inc. © 2000, 
pages 102-106, which is incorporated herein by reference. 

The present gaming machine may also include one or more player video displays 

25 802 driven directly by a multimedia controller within the gaming machine or driven 

externally thereto, one or more non-video displays 804 such as status indicators, digital 
indicators, mechanical indicators, blinking lights illuminations and the like and one or 
more player interactive controls 806 such as a one-arm bandit handle, push-buttons, 
trackballs or a joystick. As shown, the payment and identification devices of the present 

30 gaming machines may include a coin acceptor 8 1 0, a coin dispenser or hopper 8 1 2, a bill 

or note acceptor 814, a bill dispenser 816, a smart card reader and writer 818, a smart 
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card dispenser 820, a bar or other machine readable code reader 822, a ticket printer 824, 
a magnetic card reader 826, a biometric ID reader 828 and/or other devices, generically 
referenced at 830. The payment and identification devices may advantageously be 
coupled to the platform 801 via RS232/ RS485 or similar connections. 

The payment and identification devices listed above are collectively referenced 
herein as "specialized devices" herein below and may not all be present in a given 
gaming machine configuration. For example, a gaming machine may only be configured 
for cash-less payment using voice ID; in that case, only a microphone and touch-screen 
(and/or display and keypad) need be present. Moreover, the list of specialized devices 
above is not limitative, as new specialized devices may become available such as 
interfaces with personal wallets, contact-less smart cards or ID tokens, for example. Any 
such specialized devices may readily be incorporated within the present gaming 
machines. It is to be noted that the purpose for listing a significant number of specialized 
devices is not to recommend equipping gaming machine with each listed specialized 
device, but rather to teach the benefits of designed-in modularity, as is discussed in detail 
herein below. Furthermore, the same architecture may be advantageously applied to the 
APVU 700 (Automated Payment Verification Unit or Smart-Cashier). 

In legacy gaming machines, the connection between specialized devices and the 
processing hardware is rather ad-hoc, as a wide variety of interfaces are encountered such 
as RS232, RS422, Parallel, via dedicated add-on board, etc. More recent specialized 
devices are now capable of providing a Universal Serial Bus ("USB") interface. 
However, all of these devices require that special software (software device drivers) that 
understands the inner characteristics of the hardware be developed. Software device 
drivers are well known to be difficult to develop and to introduce computer instabilities 
and limitations, especially when there is a large number of devices that may give rise to 
resource sharing conflicts. 

As shown in Fig. 8, the high-level software application modules for a gaming 
machine according to the present invention may include an audit engine 832, an 
authentication engine 834, a business engine 836 and/or a video entertainment/game 
engine 838. The audit engine 832, as a passive observation layer, transparently intercepts 
all the important events and all regulatory critical parameters associated with the 
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operation of the specialized devices such as cash/cash-out or submitted identification 
information, the serial numbers of all connected devices and generates a non-modifiable 
reference audit log 840 that may consulted by the central server(s) 1 12 or the PVU 500, 
600, 700. In addition, the audit engine 832 compares all devices connected to the gaming 
machine with a map of authorized regulatory configurations and may alert responsible 
personnel and/or regulators whenever non- valid device configurations are encountered, 
such as may occur after replacing devices or relocation of the gaming machine. The 
audit engine 832 may include instantly accessible non-volatile data storage, which data 
storage may be locally or remotely located (accessible via network 1 02). This would 
allow resolving data coherence and correctness in case of power failure, interruption, 
virus infection and/or software crash so as not jeopardize the accuracy of the game record 
keeping. For example, the audit engine 832 allows resolving conflicts wherein a record 
indicates a win and a payout amount although a power interruption has prevented the full 
payout from occurring. Moreover, the audit engine 832 may keep very specific 
accounting data as required by a given jurisdiction to meet locally applicable gambling 
regulations. For example, the audit engine 832 may keep a log of each drawn random 
number combination for audit purposes. 

The audit engine 832 may keep audit trails separately for all of the different forms 
of monetary value that may be accepted by modern gaming machines such as, for 
example, audit trails of all wagers found in the coin and currency cash boxes. In gaming 
machines equipped with coupon readers, audit trail of the currency box may contain bar 
coded coupons of varying amounts in addition to cash. In the case of cashless wagers 
(e.g., those placed from player charge accounts or using some form of electronic money), 
as there is no currency in either of the coin or currency cash boxes, the audit trail may 
include relevant information exchanged during the player identification process, retrieval 
of the balance held in the central server(s) 1 12, the wager debits and the prize credits, for 
example. 

The authentication engine 834 may include functionality to consult a Certificate 
Authority (which may be located on a server on the network 102 or on a computer 
network connected thereto), certify the authenticity of the identification presented, 
authorize a given operation, ensure data integrity of data exchanged, securely time-stamp 
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the operation (to ensure non-repudiation of the operation) and/or revoke illegal 
identifications, for example. 

The business engine 836 handles the games rules and the associated bookkeeping 
and may be subject to regulatory requirements. The business engine 836 handles the 
business aspects of the game and/or entertainment provided, controls wagers and 
maintains the prize matrix. This software application module customarily requires 
extensive testing by an independent laboratory to receive the certification mandated by 
local regulatory requirements. The regulatory requirements essentially insure that funds 
are reliably disbursed to legitimate players and insure that funds are not acquired by other 
individuals because of flaws, cheating and/or stealing. 

The business engine 836 may include a transaction engine 842 for online 
operation with the central server(s) 112. In the case of game of chance, the video / 
entertainment / gaming engine 844 receives the current draw from one or more random 
number generators 808 located inside the gaming machine or outside the gaming 
machine (see reference numbers 902 and 904 in Fig. 8), in accordance with local 
regulatory requirements. In case of games of skills, the gaming engine 844 receives the 
bonus from the business engine 836 in accordance with a given skill strategy, which may 
also require certification by a regulatory body and compliance with local regulatory 
requirements. An example of skill strategy may be rapidity, precision, ability to reach a 
given score, intelligence, memory, ability to focus on critical events amongst less critical 
events, etc. The business engine 836 may have received the applicable regulatory 
certification as illustrated by the star-shaped stamp 846. 

The video / entertainment / game engine 844 communicates with the business 
engine 836 to translate the business rules into an attractive interactive experience for the 
player. Indeed, the video / entertainment / game engine 844 handles the player user 
interface, the multimedia interactive and entertainment and game graphics, sound, 
motion feedback and video streaming. The video / entertainment / game engine 844 may 
include a library 838 that offers a variety of entertainment multimedia, game multimedia 
and video streaming to suit the player's taste and expectations, as well as to 
accommodate a given strategy formulated by the game operator. For example, the engine 
844 and library 838 may implement the methods and systems disclosed in commonly 



WO 03/045517 



PCT/US02/37537 



17 

assigned and co-pending US patent application entitled "Methods And Systems For 
Electronic Virtual Races", serial number 9/838,563 filed on April 19, 2001, the 
disclosure of which is incorporated herein. 

The central server(s) 1 12 provides on-line control of the gaming machines, the 
PVU 500, 600 and APVUs 700. A preferred embodiment of the present invention is for 
the central server(s) 1 1 2 to instantly capture all the critical events occurring within the 
entire gaming system 100, including for example when each coin is inserted in the coin 
acceptor 8 1 0, noting its value as well as each coin rejection event. Further operation of 
the gaming machine may be prevented upon failure of the network 102. This principle is 
the basis of operation of large lottery systems, whereby thousands of terminals are 
deployed in remote areas. Such a model has proven to be extremely successful at 
avoiding fraud, including fraud committed by employees having access to sensitive data 
such as program source code. Performance is not an issue, as central servers) 1 12s may 
use a farm of Intel Pentium® (for example) -based servers and a transactional protocol 
such as described in commonly assigned and co-pending patent application entitled "Fast 
Web Interface Server, Network Architectures And Systems Using Same" serial number 
09/565,579 filed on May 4, 2000 and commonly assigned and co-pending US 
application entitled "Trusted Transactional Set-Top Box" serial number: 09/862,165 
filed on May 21 , 2001 , the disclosures of which are incorporated herein by reference, 
may handle tens of thousands of transactions per second with a guarantied latency for 
each individual transaction no greater than 200 milliseconds. 

Figure 9 illustrates a modular configuration that may be applied to a gaming 
machine according to the present invention, in which the gaming machine includes the 
same elements as described above but arranged in a modular fashion with their software 
Application Programming Interfaces or APIs clearly identified. Moreover, Secure APIs 
or S-APIs are also employed when data and programming security are essential. As 
represented in Fig. 9, the constituent elements of the present gaming machines 
communicate with one-another only via their associated APIs or S-APIs. 

It is to be noted that APIs not only define the exchange of information between 
the adjacent modules but also define how one module may provide services that may be 
consumed by the other. In this manner, one module may be made to control another 
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module. 

The specialized devices are assumed to possess the necessary embedded 
processing resources to control the entire operation of the device and to communicate 
with high-level application software via a clearly defined API or S-API. In Fig. 9, the 
capability to control the hardware is represented by the elements named "Driver"; 
consequently, the low level details necessary to operate the specialized device are not 
made available to the high-level software module. According to the present invention, 
the device drivers are either part of the embedded software of the specialized devices or 
form part of the software of the platform 801 (such as a PC or other computing platform), 
as to offer an API to the audit engine 832. Each specialized device is also assumed 
capable of supplying its identity to the central server(s) 1 12; this is represented by the 
element named "ESN", which is an acronym for Electronic Serial Number. It is 
advisable to rely on secure means of authentication that may cooperate with the 
authentication engine 834 to ensure that the ESN is not associated with an illegal 
specialized device. The authentication engine 834 may advantageously maintain a 
registry of authorized devices and may dispatch alerts to prevent illegal devices from 
operating. The player video displays 802, other player displays 804 and player 
interactive controls 806 are preferably modular devices capable of communication via a 
clearly defined API. Moreover, the audit engine 832 may read and record the serial 
numbers of each device connected to or coupled with the gaming machine. 

At least the high-level engines 832, 834, 836, and 844 may communicate with the 
central server(s) 112 and/or the PVU 500, 600, 700. 

The RNG (random number generator) located within the gaming machine 808 
preferably behaves in the same manner as a specialized device and, therefore, has the 
same networking, API and secure communication characteristics, requirements and 
behaviors. The gaming machines may selectively receive random numbers for the game 
draw from different sources 902 904 to accommodate the various regulatory 
requirements mandated by given states or given countries. As represented in Figs. 8 and 
9, the sources for such random numbers may be internal to the gaming machine as shown 
at 808 (wherein the RNG is configured as a specialized device), may originate from a 
RNG generator 902 internal or coupled to the PVU 500, 600 or APVU 700 and/or from a 
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RNG generator or generators 904 internal or coupled to the central server(s) 1 12. 
According to one embodiment of the present invention, a RNG generator may be 
provided for each gaming machine 200, 300, 400, each PVU 500, 600, 700 and for each 
central server 112. For example, a single or a plurality of RNG generators 904 coupled 
to the central server(s) 112 may provide random number combinations to a large number 
of geographically distributed gaming machines. Also, a single or multiple RNG 
generators 902 coupled to the PVU 500, 600 or APVU 700 may provide random number 
configurations for selected gaming machines at a single location, within a cluster 106 
and/or to several clusters 106, as shown in Fig. 1 . This configuration offers a great 
degree of flexibility and allows the present gaming system to meet most any applicable 
regulatory requirement relating to the RNG generators. 

Figure 10 shows another configuration of a gaming machine according to another 
embodiment of the present invention, showing how components once having a clearly 
defined APIs may be controlled instead by components via a LAN (Local Area Network) 
and/or a WAN (Wide Area Network) 1002 via Remote Procedure Calls "RPCs". A more 
modern control model is object-oriented, whereby a module may offer network services 
for consumption by other modules. Widely used standards for such object-oriented 
models include, for example, Distributed Common Object Module ("DCOM", developed 
by Microsoft Corporation) and Simple Object Access Protocol "SOAP", a vendor 
independent protocol based on extensible Markup Language ("XML"). 

It is to be noted that all the modern technologies for offering network services and 
consuming network services via wired or wireless networks have very high security 
protection using advanced security techniques such as authentication, encryption, Secure 
Sockets Layer ("SSL"), Public Key Infrastructure ("PKI"), Kerberos, True Random 
Number Generators (for generating secret keys with maximum entropy), hopping keys 
(constantly changing keys), 128-bit Wired Equivalent Privacy ("WEP") algorithm, etc. 
In addition, a Virtual Private Network ("VPN") tunnel may be used for secure inter- 
module communication. For example, a VPN tunnel may be established between the bill 
dispenser 816 specialized device and the central server(s) 1 12, or one or more software 
modules located on the central server(s) 112. A preferred embodiment of the present 
invention is to use the IPSec communication encryption standard that can be 
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conveniently applied as a system wide policy. 

Moreover, a "Network Access Point" component 1004 maybe introduced that 
simply allows the APIs of the specialized devices to be directly supported and controlled 
over the network 102, 1002. These Network Access Points 1004 are sometimes called 
"IP Converters". Examples of such network access points or IP converters include the 
USB to Ethernet converter from Inside Out Networks (www.IONetworks.com ) and the 
RS232 to Ethernet from Moxa Technologies (www.moxa.com y Ideally, an Ethernet 
interface would be directly embedded on processing hardware that controls the 
specialized device. 

An embodiment of the present invention includes the use of the IP protocol for 
intercommunication between each of the modules shown in Fig. 9. Other existing or 
future protocols may also be used such as, for example, IPX from Novel; however, the IP 
protocol is universally used for the Internet and many communicating products and 
components support it. The payment and identification devices may be coupled to the 
Network Access Point or IP Converter 1004 by an RS232, RS485, USB, I2C, 802. 1 1 , 
Blue Tooth, Ethernet, Fire Wire or most any standardized interface. 

An embodiment of the present invention includes automatic binding of 
specialized devices with the central server(s) 112 following their activation for example 
after power-on or reset. Fig. 19 shows a simplified diagram wherein a specialized device 
coupled to the central server(s) 112 by network 102 sends, following its activation, 
broadcast packets over the network 102 indicating its availability. The broadcast packet 
may contain data identifying the specialized device and describing its location and 
capabilities. The server 112 that needs to communicate with this specialized device then 
enters into a binding protocol in order to establish bi-directional communication. A 
preferred embodiment for the automatic binding is the Universal Plug and Play standard 
proposal led by Microsoft, although other binding protocols may be used. 

According to another embodiment of the present invention, the specialized 
devices may be configured to offer asynchronous notification of events directly to the 
central server(s) 1 12 over a communication network, such as shown at 102, for example. 
Fig. 20 shows a simplified diagram wherein a specialized device, coupled to the central 
server(s) 1 12 by a network, sends asynchronous notifications packets to the central 
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servers) 112 following an event being received by the specialized device or an event 
generated by the specialized device. For asynchronous notification of events, the 
server(s) 1 12 may register (subscribe) with the specialized devices for the list of events 
that are of interest. Then, the event notification process running in the specialized device 
may produce a call back to the server(s) 1 12 (thus the name callback) in order to pass 
details on the event information when it occurs. A mechanism to un-register 
(unsubscribe) may be provided wherein the server(s) may inform the specialized device 
to stop sending asynchronous notification of events. A preferred embodiment of the 
asynchronous notification of events is the callback feature of COM+, DCOM, 
REMOTING technologies from Microsoft and the callback capability of SOAP, although 
other technologies may be implement within the context of the present invention. 

Figure 1 1 shows another embodiment of the present invention, in which the 
present gaming system is network-centric. In Fig. 1 1, the network 1 102 is the 
centerpiece thus allowing all the elements internal to as well as external to the gaming 
machine to interact with one another over the network 102. This wheel and spoke 
network topology brings great flexibility benefits, as detailed herein under, as it allows 
virtually any configuration to be chosen for assembling the present gaming machines. 
For example, the business engine 836 may be located within the gaming machine, within 
the PVU 500, 600, 700 or within the central server(s) 112. Likewise, the 
video/entertainment/games engine 844 may also be located within the gaming machine, 
within the PVU 500, 600, 700 or within the central server(s) 1 12. The same holds true 
for the audit engine 832. The video/entertainment/games engine 844 may support real 
time MPEG compression. For example, the broadband channel between the LAN/Wan 
1 102 and the video/entertainment/games engine 844 may accommodate video streams 
encoded using the MPEG4 compression standard (for example) at 100/1000Mbits/sec, 
enabling high quality graphics and video to be rendered on the player video displays 802 
of the gaming machine(s). 

Moreover, the technologies for offering and consuming services over a network 
such as network 1 102 work equally well without any network; consequently the high- 
level software modules may remain unchanged whether or not a network exists inside the 
gaming machine for inter-module communication. Thus, the same high-level software 
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modules may be used whether the gaming machine relies on a tightly coupled 
configuration as shown in Fig. 8 or on a loosely coupled configuration as shown in Figs. 
10 and 11. 

The flexibility to configure a gaming machine in a variety of ways and avoid 
modifying high-level software modules (especially certified modules) is immensely 
valuable for a company that produces gaming machines to the global market, as 
regulatory requirements vary significantly from country to country and from state to state. 
Moreover, a manufacturer may more readily leverage on advanced integrated software 
development platforms such as Microsoft .NET to promote significant re-use of code 
across the product line, accelerate development time, improve code quality, facilitate 
code maintenance and upgrade and reduce development cost. 

Figure 12 represents an extension of Figure 1 1, in which the specialized devices 
are directly capable of network communication using, for example, technology developed 
for smart IP peripherals, according to a still further embodiment of the present invention. 
Smart IP peripherals are commonly called Internet Appliances. According to an 
embodiment of the invention, the specialized devices may each be controlled by a 
processor capable of supporting an operating system such as Microsoft Windows CE, 
Microsoft Embedded XP or Embedded Linux; IP networking maybe carried out via a 
wired or wireless link. With such advanced operating system, applications may be 
loaded from the network. Therefore, applications need not be stored locally within the 
specialized device, thereby avoiding software upgrade issues. Indeed, application 
software may be loaded into the gaming machines 200, 300, 400, any specialized device 
thereof from a remote server 1 12 and/or from a PVU 500, 600, 700. Similarly, 
application software maybe loaded into the PVUs 500, 600, 700 and/or into any 
specialized devices therein from a remote server 112. Moreover, the entire operating 
system of the present gaming machine may be replaced over the network 1202. The 
operating system may be booted from the network 1202 using PXE (Preboot Execution 
Environment), for example. 

Figure 13 represents the APVU 700 equipped with IP-Ready specialized devices. 
These specialized devices are preferably interchangeable with the IP-Ready specialized 
devices that equip the present gaming machine. Therefore, the APVU's specialized 
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devices may interact directly with the central server(s) 1 12 via network services, thus 
benefiting of the same advantages as the gaming machine. As shown, the APVU 700 
may incorporate hardware and corresponding software modules for a microphone 1302, a 
sound system 1304, a video camera 728, a display 1308, a keypad 1310, an alarm system 
1 3 1 2, a active security system 1 3 1 4 for the internal safe, a power supply 1316 and an 
Uninterruptible Power Supply ("UPS"). Network Services, as referred to herein, relate to 
service-oriented architectures such as Microsoft DCOM, Common Object Request Broker 
Architecture (CORBA), Microsoft .NET and Sun Java 2 Platform, Enterprise Edition 
(J2EE), for example. Microsoft .NET and Sun J2EE are also commonly referred as 
"Web Services" and offer a universal solution over the Internet using XML, SOAP, Web 
Services Description Language (WSDL) and Universal Description, Discovery and 
Integration (UDDI) standardized technologies. UDDI nodes enables developers to 
publish web services and enables their software to search for and bind to services offered 
by others. 

Network Services deliver loose coupling services between service 
requestors and service providers. Service requestors "consume" services provided by . 
services providers. Publication of service descriptions play a central role to enable 
service requestors to discover available services and bind to them. The service 
descriptions allow service requestors to bind to the service provider. The service 
requestor obtains service descriptions through a variety of techniques, from the simple 
"e-mail me the service description" approach to techniques such as Microsoft DISCO and 
sophisticated service registries like UDDI. 

Network services offer a network distributed objects/services 
infrastructure for transparent activations and accessing of remote objects/services. 
Objects are typically the EGD's peripherals such as a note acceptor, and the services are 
the functions performed by the peripheral that are accessible externally via the IP 
network such as the value of the banknote entered. The central server is typically a 
service requestor. Peripherals are commonly service providers as well as service 
requestors (consuming services provided by the central server). In the same way, the 
central server is a services requestor and a services provider. 

For the present invention, Microsoft DCOM is a currently preferred 
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technology, as DCOM support is already integrated into Microsoft Windows CE and 
Embedded XP. In the long term, Microsoft .NET web services over a private IP network 
(or VPN over Internet) may become the preferred technology, as it offers flexible and 
dynamic discovery of Net/Web services. The notion of a private or non-operator UDDI 
node is critical to the emergence of a dynamic style of a service-oriented architecture. As 
of this writing, Microsoft has announced support of .NET web services in Windows 
CE.NET. 

Figure 14 illustrates a possible configuration that leverages on a virtual 
configuration architecture in which partial processing may be carried out at the central 
servers) 1 12 (i.e., the gaming machines 200, 300, 400, the PVUs 500, 600, 700 may 
offload all or a part of their processing to the central servers 1 12. In this case, the audit 
engine, the authentication engine and the business engine software modules 832, 834, 
836 may be located externally to the gaming machines, such as in the central server(s) 
1 12, noting that the modules securely interact with one another precisely via their APIs, 
as defined in Fig. 9. That is to say, the specialized devices located in the present gaming 
machine interact directly with the audit engine 832 located in the central server(s) 1 12 
via network services. In the same manner, the video/entertainment/games engine 844 
located in the gaming machine interacts directly with the business engine 836 located in 
the central server(s) 1 12. The specialized devices and the video entertainment/games 
engine 844 located inside the gaming machine do not communicate or interact with one 
another. 

The advantages of the configuration described above include significantly 
increased data integrity (fully on-line system, fault/disaster tolerant central server(s) 1 12), 
significantly strengthened fraud control (fully on-line system, centralized audit log, 
centralized code execution, quality code, centralized authentication), significantly 
increased stability (server class operating system, quality code, fault tolerant central 
server(s) 1 12), immediate code upgrade capability, accurate and instantly available audit 
(all the gaming machine critical events are instantly logged in the centralized audit log 
840). Moreover, the hardware necessary to support the execution the video 
entertainment/games engine software module may be a very economical yet extremely 
multimedia capable game console such as Microsoft Xbox® or Sony PlayStation®, for 
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Figure 15 illustrates the trend in server hardware to increase the processing power 
per square foot of floor space. As shown, computer cabinets are available in multiples of 
the standardized "U" size and 42U high cabinets are commonly used for computer 
5 servers. lU-size "pizza box like" servers are very popular with Internet service - 

providers, which form factor allows 42 computer servers to be stacked on top of one 
another in a 42U size cabinet, as shown at 1502. Already, computer suppliers are packing 
twice and even 4-times this density, whereby 2 and 4 computer servers are integrated in a 
1U rack, thus offering 84 and 168 computer servers 1 12 per 42U cabinet, as shown at 

10 reference numerals 1 504 and 1 506, respectively. 

An alternative to the 1U pizza size form factor servers is the "blade" size factor 
whereby a complete server 1 12 may be integrated on a narrow board or blade. One 
presently proposed configuration allows 9 (reference numeral 1508) or 10 blade servers 
to be logged into a 3U size rack as shown on the right side of Fig. 15. These racks may 

15 then be stacked, as shown at 1510. The complete server fits on a small board that may be 

very easily accessed for replacement or upgrade. Higher density dense servers are being 
developed that make use of very low power processing components such as fitted in 
laptops and hand held PCs, to help resolve the heat dissipation problem. It is to be noted 
that each of the servers discussed above may include a complete computer with CPU, 

20 memory, disk, network interface, and optionally full graphics. Large server farms that 

have on the order of 10,000 servers employ this type of dense server technology. 

According to one embodiment of the present invention, each server shown in Fig. 
15 corresponds to a central server 1 12 and maybe associated with and connected to a 
remotely located gaming machine. Preferably, each server 112 shown in Fig. 15 is 

25 configured for multimedia graphics, generating 3D video and data streams encoded 

according to an MPEG standard, for example. In this manner, the central servers 112 
may be constructed of an array of inexpensive servers, such as off the shelf PCs. Indeed, 
according to another embodiment of the present invention, the video stream shown to the 
player is generated (in MPEG4 format, for example) and streamed to the gaming 

30 machine over a broadband connection. 

Figure 16 illustrates another embodiment of the present invention in which the 
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execution of all the high-level software modules may be carried out at the central 
server(s) 1 12, including the video entertainment/game engine module 844. For this, a 
high-speed network 1602 is required to bring the video signal to the gaming machine, 
which may then be fitted with a simple video receiver. Each remote gaming machine 

5 may be connected to and associated with an individual server 1 12 within the central 

server system or farm of server 1 12. Other player displays and interactive control may 
also be controlled directly by the central server(s) 1 12 via network services. 

Suitable means of transmitting such a video signal to the present gaming machine 
may include, for example, cable or wireless TV, HDTV or digital TV broadcast whereby 

10 each gaming machine is tuned to receive a separate predetermined frequency 

corresponding to the image to be displayed to the player, high quality video streaming 
such as MPEG2, MPEG4, or other emerging digital video standards via Fast Ethernet 
such as 100Mbps, 1000Mbps and upcoming higher bandwidth protocols, a fiber optic 
network, a wireless network such as IEEE 802.1 lb (1 1Mbps), 802.1 la (54 & 72 Mbps @ 

15 5 GHz), 802. 1 lg (54 Mbps @ 2.4GHz) and upcoming higher bandwidth protocols. It is 

to be noted that the means of video transmission and reception listed above, whether 
based on TV technology or media streaming technology, are already fairly economical 
and it is believed that the associated costs will continue to decrease rapidly. 

Figure 17 illustrates another embodiment of the present invention, in which a 

20 server (an individual PC, for example) located in a 42U Bay (for example) is associated 

with each gaming machine at the central server(s) 1 12. The server 1 12 associated with 
each gaming machine would then execute all or part of the software modules (audit 
engine 832, the authentication engine 834, the business engine 836 and the video 
entertainment/game engine 844) of the gaming machine. Interaction between the gaming 

25 machines and the central server(s) 1 12 is via network appropriate services as detailed 

above. 

In particular, intensive video rendering to the player may be best if generated by 
an individual server at the central site and then the generated video signal may then be 
transmitted to the gaming machine. In this manner, there is considerable power to 
30 generate very advanced and attractive graphics for the player. Real-time translation to 

video streaming such as MPEG2 or MPEG4 may require hardware acceleration that may 
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be carried out by a separate dedicated integrated circuit or alternatively may be directly 
integrated within the graphic processing unit of the server associated with the gaming 
machine. 

Devices to receive high quality video information from the central server(s) 1 12, 
decode it and display it on a TV screen or a video display monitor are readily available. 
These devices use advanced electronic components developed for the latest generation 
Internet ready set top boxes and interactive TV systems. For example, such devices may 
be drawn from the devices and systems disclosed in commonly assigned and co-pending 
patent application serial number 09/932,282 filed on August 17, 2001 and entitled 
"Interactive Television Devices And Systems", the disclosure of which is incorporated 
herein in its entirety. 

According to further embodiments of the present invention, each of the gaming 
machines may be configured to selectively offload computations to the farm of computer 
servers over the communication network. This may be done in a one-to-one manner 
whereby a computer server is entirely allocated to a given gaming machine, in a one-to- 
many manner whereby several computer servers are allocated to one gaming machine, or 
in a many-to-one manner whereby one computer server is allocated to several gaming 
machines. 

Figure 18 shows another embodiment of the present invention in which the 
operating system and/or applications of each server 1 12 (collectively referenced by 
numeral 1806) may be booted from a central data storage such as a Storage Area 
Network (SAN) device 1804 coupled to the network 1802. This approach is commonly 
used for large server farms, as it enables each server 1 12 to obtain the same software 
image from a central repository (SAN 1804). Consequently, software upgrades are 
immediate. The PXE (Preboot Execution Environment) standard may be advantageously 
adopted to enable booting of the operating system within each of the server computers 
1 12 via the network 1 802. In this manner, each server 112 boots and loads the same 
software image from a centralized network accessible storage 1804. 

The video rendering and distribution approach described above whereby the 
intensive graphics operations are performed at the central server(s) 1 12 has considerable 
benefits for the gaming machines, notably: 
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a. Low cost computer hardware (no CPU intensive graphics operation, no 
expensive graphics accelerator); 

b. Stability and reliability as the gaming machine computer platform 
(hardware and software) are simple and do not need to be upgraded; 

c. Future proofing (prevents obsolescence), as no software or hardware 
upgrades are required to accommodate extremely resource intensive multimedia 
advances such as future generations of advanced graphics animation, voice recognition, 
face recognition, avatar creation, etc. Moreover, selection of a given microprocessor 
architecture, operating system platform and supplier do not impact the future capabilities 
of the gaming machine, and 

d. the video encoding, transmission, reception and decoding means may use 
low cost and mass-produced economical TV and streaming media components. 

Moreover, this approach is ideally suited for offering wireless mobile gaming 
machines that players may take to the bar, the restaurant, the swimming pool, their hotel 
room, etc. 

CONCLUSION 

The invention offers a modular architecture for an on-line gaming system that 
may readily accommodate the wide variety of regulatory requirements encountered 
around the world. The strongest open security standards may be used. The very complex 
software code is located in the high-level software modules that may advantageously be 
developed using an advanced unified integrated development environment (such as, for 
example, Microsoft .NET). The various elements may be arranged in a tightly coupled 
configuration, loosely coupled configuration or in a mixture of tightly and loosely 
coupled configuration without requiring the high-level software modules to be entirely 
redesigned, retested and re-certified. In most cases, the high-level software modules may 
be re-used without modification thus saving enormous cost and development, validation 
and testing time. A gaming system may be constructed using a wide variety of computer 
hardware and software platforms, and make use of the latest multimedia technologies to 
attract the younger generation of players used to flashy and networked games. IP-Ready 
specialized devices using Internet appliance technologies offer tremendous benefit as the 
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gaming machines, entertainment machines and payment verification units become a 
simple shell; the devices may be fully managed by the central server(s) 1 12. A preferred 
embodiment of the invention is one in which the processing of all the high-level software 
modules, including graphics rendering, is carried out by the central server(s) 1 12, which 
relies on a server-class operating system and fault tolerant computing platform. 
Consequently, the present invention provides an architecture that overcomes the 
technical lag, security limitations and lack of stability of the prior art. 

Rapidity changing technologies, such as advanced multimedia graphics and 
biometric recognition that require continual increase in processing power are, in the 
present invention, processed at the central server(s) 1 12. The present gaming machine, 
according to one embodiment thereof, only requires means of receiving and displaying 
high quality video images and means for sending locally captured biometric data (such as 
voice or video image of player) to the central server(s) 12. Wireless mobile gaming 
machine may be readily constructed. The central server(s) 1 12 (constructed with 
advanced server blades in one embodiment of the present invention) may be readily 
upgraded at any time by plugging in new replacement blades. Moreover, it is likely that 
entire server blades will soon fit on a single integrated circuit. One or more servers 1 12, 
therefore, may fit on a single integrated circuit. The present gaming machines do not 
require costly upgrades to take advantage of such multimedia advances. Consequently, 
the present invention provides an architecture that overcomes rapid obsolescence of 
technology. The devices, methods and systems disclosed herein provide a flexible 
architecture that enables international suppliers to readily accommodate the variety of 
specific regulatory requirements encountered around the world. 
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What is claimed is: 

1 . A gaming system, including: 
a communication network; 

at least one gaming machine coupled to the communication network, the at least 
one gaming machine including at least one specialized device coupled to the 
communication network; 

at least one central server, 

the at least one specialized device being configured to offer direct asynchronous 
notification of events to the at least one central server over the communication network. 

2. The gaming system of claim 1 , wherein the at least one gaming machine 
includes at least one of a cashless gaming machine, a cash gaming machine and an 
entertainment machine. 

3. The gaming system of claim 1 , wherein the at least one specialized device 
includes at least one player identification device. 

4. The gaming system of claim 1 , wherein the specialized device includes a 
device configured to handle payments to and from a player. 

5. The gaming system* of claim 1, wherein the at least one central server 
includes an automatic and unattended payment verification unit. 

6. The gaming system of claim 1 , wherein at least one of the plurality of 
specialized devices includes a random number generator. 

7. The gaming system of claim 1 , wherein the communication network is 
wireless. 

8. The gaming system of claim 1, wherein the gaming machine is portable 
and mobile. 

9. The gaming system of claim 1 , wherein at least one of the plurality of 
specialized devices communicates with the at least one central server using one of an IP 
protocol, a secure protocol, a secure IP protocol, a VPN tunneling protocol, the Kerberos 
protocol and a SSL protocol. 

10. The gaming system of claim 1 , further including a Certificate Authority 
and wherein communications from the plurality of specialized devices to the at least one 
central server are authenticated by the Certificate Authority. 
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1 1 . The gaming system of claim 1 , further including high-level software 
modules, wherein the plurality of specialized devices are controlled by the high-level 
software modules. 

12. The gaming system of claim 1 1, wherein the high-level software modules 
are located in each of the at least one gaming machine. 

13. The gaming system of claim 1, wherein the high-level software modules 
are located in each of the at least one central server. 

14. A gaming system including: 
a communication network; 

at least one payment verification unit coupled to the communication network, the 
at least one payment verification unit including a plurality of specialized devices; 

at least one central server, the at least one central server being configured to 
communicate with the plurality of specialized devices. 

1 5. The gaming system of claim 14, wherein the at least one payment 
verification unit includes an automatic and unattended payment verification unit. 

1 6. The gaming system of claim 14, further including at least one gaming 
machine coupled to the communication network, the at least one gaming machine 
including a plurality of specialized devices that are controlled by the at least one payment 
verification unit. 

17. The gaming system of claim 14, wherein the specialized devices are 
controlled by the at least one payment verification unit. 

18. The gaming system of claim 14, wherein the specialized devices are 
controlled by the at least one central server. 

19. The gaming system of claim 14, wherein the communication network is 
wireless. 

20. The gaming system of claim 14, wherein at least one of the plurality of 
specialized devices is configured to handle payments to and from a player. 

21 . The gaming system of claim 14, wherein at least one of the plurality of 
specialized devices is configured to identify players. 

22. The gaming system of claim 14, wherein the at least one specialized 
device includes a random number generator. 
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23. The gaming system of claim 14, wherein the at least one specialized 
device communicates with the at least one central server using one of an IP protocol, a 
secure protocol, a secure IP protocol, a VPN tunneling protocol, the Kerberos protocol 
and a SSL protocol. 

24. The gaming system of claim 14, further including a Certificate Authority 
and wherein communications from the at least one specialized device to the at least one 
central server are authenticated by the Certificate Authority. 

25 . The gaming system of claim 14, further including high-level software 
modules, wherein the at least one specialized device is controlled by the high-level 
software modules. 

26. The gaming system of claim 26, wherein the high-level software modules 
are located in the payment verification unit. 

27. The gaming system of claim 26, wherein the high-level software modules 
are located in the central server. 

28. A system for controlling gaming machines, including: 
a communication network; 

at least one gaming machine coupled to the communication network, the at least 
one gaming machine including at least one specialized device coupled to the 
communication network; 

at least one payment verification unit, 

the at least one specialized device being configured to offer direct asynchronous 
notification of events to the at least one payment verification unit over the 
communication network. 

29. The system of claim 28, wherein the at least one gaming machine includes 
at least one of a cashless gaming machine, a cash gaming machine and an entertainment 
machine. 

30. The system of claim 28, wherein the at least one payment verification unit 
is an automatic and unattended payment verification unit. 

31. The system of claim 28, wherein the at least one specialized device is 
controlled by the at least one payment verification unit. 

32. The system of claim 28, wherein the at least one specialized devices 
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include at least one player payment device. 

33. The system of claim 28, wherein the at least one specialized devices 
includes at least one player identification device. 

34. The system of claim 28, wherein the at least one specialized devices 
includes at least one random number generator. 

35. The system of claim 28, wherein the communication network is wireless. 

36. The system of claim 28, wherein the at least one gaming machine is 
portable and mobile. 

37. The system of claim 28, wherein the at least one specialized device 
communicates with the at least one central server using one of an IP protocol, a secure 
protocol, a secure IP protocol, a VPN tunneling protocol, the Kerberos protocol and a 
SSL protocol. 

38. The gaming system of claim 28, further including a Certificate Authority 
and wherein communications from the at least one specialized device to the at least one 
central server are authenticated by the Certificate Authority. 

39. The gaming system of claim 28, further including high-level software 
modules, wherein the at least one specialized device is controlled by the high-level 
software modules. 

40. The gaming system of claim 39, wherein the high-level software modules 
are located in the payment verification unit. 

41 . A system for controlling gaming machines, including: 

at least one gaming machine including a first random number generator; 
at least one central server including a second random number generator, and 
a communication network linking the at least one gaming machine and the at least 
one central server, wherein the at least one gaming machine is configured to selectively 
obtain random numbers from the first or the second random number generator. 

42. The system of claim 41, further including at least one payment 
verification unit coupled to the network, the payment verification unit including a third 
random number generator and wherein the at least one gaming machine is configured to 
selectively obtain random numbers from the first, second or third random number 
generators. 
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43 . The system of claim 4 1 , wherein the at least one gaming machine includes 
at least one of a cashless gaming machine, a cash gaming machine and an entertainment 
machine. 

44. A system for controlling gaming machines, including: 

at least one gaming machine including a first random number generator; 
at least one payment verification unit including a second random number 
generator, and 

a communication network linking the at least one gaming machine and the at least 
one payment verification unit, wherein the at least one gaming machine is configured to 
selectively obtain random numbers from either the first random number generator or the 
second random number generator. 

45. The system of claim 44, wherein the at least one gaming machine includes 
at least one of a cashless gaming machine, a cash gaming machine and an entertainment 
machine. 
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